Open Directory Exposes Three Evilginx Phishing Operators
Misconfigured server exposed three phishing operators running Evilginx forks to bypass MFA
Misconfiguration exposes assets through unsafe settings, enabling unauthorized access or data loss; secure baselines, reviews, and least privilege reduce risk.
Search across headline titles and summaries.
Background for this topic.
Misconfiguration is an insecure or unintended setting in a system, application, network, cloud resource, or identity control. Examples include publicly accessible storage, default credentials, overly broad permissions, exposed management interfaces, unnecessary services, and weak encryption settings. Attackers can discover these conditions through scanning or by abusing access they already possess; depending on the asset and data involved, the result may be unauthorized access, data exposure, or expanded control of connected systems.
The main defense is to define and enforce secure configuration baselines: disable unused features, remove default accounts and secrets, restrict network exposure, apply least privilege, and protect sensitive data with appropriate access controls and encryption. Review configurations before deployment and monitor for drift afterward, including in infrastructure managed as code. Prioritize findings by internet exposure, privilege, data sensitivity, and exploitability, then verify that remediation actually restored the intended state.
Weekly headline count for the current query.
Misconfigured server exposed three phishing operators running Evilginx forks to bypass MFA
Wiz Security claims Moltbook misconfiguration allowed full read and write access
A critical AWS CodeBuild misconfiguration has exposed core repositories to potential attack
Misconfigurations abused to make phishing emails look like they come from within the organization
Misconfigured AI-linked MCP servers are exposing users to data breaches and remote code execution threats
The products affected by the issues are part of the Salesforce OmniStudio suite, including FlexCards and Data Mappers
Wiz finds new threat group running cryptojacking campaign via exploited and misconfigured DevOps assets
A misconfigured tracking tool has exposed protected health information of 4.7 million Blue Shield members to Google Ads
Hackers exploited AWS misconfigurations, leaking 2TB of sensitive data, including customer information, credentials and proprietary source code
DDoS campaign by Matrix targets IoT devices and servers, exploiting weak credentials and public scripts
Over 1 million domains are vulnerable to “Sitting Ducks” attack, which exploits DNS misconfigurations
Misconfigurations in Microsoft Power Pages granting excessive access permissions expose sensitive data, risking PII to unauthorized users
EMERALDWHALE breach allowed access to over 10,000 repositories and resulted in the theft of more than 15,000 cloud service credentials
The data leak exposed personal data of 100m US citizens, resulting from a misconfigured database made accessible online
CloudSek said the RansomEXX breach occurred via a misconfigured Jenkins server at Brontoo Technology
A Thales report found that 44% of organizations have experienced a cloud data breach, with human error and misconfigurations the leading root causes
This occurs when a private package fetches a similar public one, leading to exploit due to misconfigurations in package managers
An AppOmni researcher detailed a misconfiguration in the HSE COVID Vaccination Portal, exposing the health and personal data of over a million Irish citizens
Cado said the payloads facilitated RCE attacks by leveraging common misconfigurations and known vulnerabilities
Mandiant has shared its findings following X account hijacking, firm blames misconfigured 2FA and X's policy change